7.0 beta - security problem using servlet

Similar Messages

• Row-level security problem using VPD

  Hi all,
  I've implemented row-level security for my application using the following procedure:
  1) Created a procedure for setting the context for the application:
  PROCEDURE set_empno
  IS
  emp_id NUMBER;
  BEGIN
  BEGIN
  SELECT empno
  INTO emp_id
  FROM SCOTT.EMP
  WHERE upper(ename) = SYS_CONTEXT('USERENV', 'SESSION_USER');
  DBMS_SESSION.SET_CONTEXT('emp_sel_context', 'empno', emp_id);
  EXCEPTION
  WHEN OTHERS THEN emp_id := 0;
  END;
  END;
  2) Created the application context:
  CREATE CONTEXT emp_sel_context USING secman.app_security_context;
  In which secman is my security schema and app_security_context is the name of above procedure package.
  3) Created a function to access the application context:
  FUNCTION emp_sec(E1 VARCHAR2, E2 VARCHAR2) RETURN VARCHAR2
  IS
  e_predicate VARCHAR2(2000);
  BEGIN
  e_predicate := 'empno = SYS_CONTEXT(''emp_sel_context'', ''empno'')';
  RETURN e_predicate;
  END;
  END;
  4) Created a logon trigger:
  CREATE OR REPLACE
  TRIGGER INIT_CONTEXT AFTER
  LOGON ON DATABASE
  BEGIN
  SECMAN.APP_SECURITY_CONTEXT.SET_EMPNO;
  END;
  5) Added a policy on scott.emp like this:
  begin
  dbms_rls.add_policy (
  object_schema => 'SCOTT',
  object_name => 'EMP',
  policy_name => 'EMP_SEL_POLICY',
  function_schema => 'SECMAN',
  policy_function => 'EMP_SECURITY.EMP_SEC',
  statement_types => 'SELECT',
  update_check => TRUE
  end;
  My problem is that when a user queries the EMP table the above procedure does not work and 'no rows selected' is returned for each user that queries the table. Does anybody know which part of my procedure is wrong?
  Any helps is really appreciated.
  S/\EE|)

  i,
  I suggest:
  create another table emp1(logon with scott),this table only include empno,ename,then insert a few record,then modify
  procedure set_empno as
  PROCEDURE set_empno
  IS
  emp_id NUMBER;
  BEGIN
  BEGIN
  SELECT empno
  INTO emp_id
  FROM SCOTT.EMP1
  WHERE upper(ename) = SYS_CONTEXT('USERENV', 'SESSION_USER');
  DBMS_SESSION.SET_CONTEXT('emp_sel_context', 'empno', emp_id);
  EXCEPTION
  WHEN OTHERS THEN emp_id := 0;
  END;
  END;
  certainly ,you should grant select on emp1 to the user who will be test.
  lixinzhu
  2007/09/17

• Security Problem Using an Impersonate User to exectue a bacth File

  Hi,
  I create a little windows application that have to create a list of Folder and also assign some User or group
  This application will be launched by any user from a shortcut on there own desktop
  The process in my application have to run under a domain User that will have the rights to execute those tasks
  The problem that I face now is that I can
  from my batch File create  all the folder that I need but the command that give the grant to certain users or group  fail. (See at the end of this question)
  I would like to know what permissions I have to give to the Impersonate user to achieve this goal
  Also where we should give this permission?  on a folder or  in active directory
  This is my application code and at the end you will find some command comming from the batch file that is execute from the process with the impersonate User
  I dont know if this is important but the domain use Active Directory 2008
  If there is something wrong I will appreciate to show me what I am doing wrong
  Vb Code
              Dim sDomain As String = My.Settings.DomainName
              Dim sUser As String = My.Settings.UserName
              Dim sPass As String = My.Settings.UserPassword
              Dim tokenHandle As New IntPtr(0)
              Try
                  If LogonUser(sUser, sDomain, sPass, 2, 0, tokenHandle) Then
                      Dim newId As New WindowsIdentity(tokenHandle)
                      Using impersonatedUser As WindowsImpersonationContext = newId.Impersonate()
                          'perform impersonated commands                        
                          ProcessBatchFile(sFullUncPath, sNoProject, sYear, sAddConstructionSite)
                      End Using
                      CloseHandle(tokenHandle)
                  Else
                      MessageBox.Show("Impossible to identify  the usager : " & sUser & " du domaine " & sDomain)
                  End If
              Catch ex As Exception
                  MessageBox.Show(ex.Message.ToString)
              Finally
                  lblWaitMessage.Visible = False
                  Me.btnGenerate.Enabled = True
                  Application.DoEvents()
              End Try
  Private Sub ProcessBatchFile(sFileRootPath As String, sProjectName As String, sYearFolder As String, sAddConstructionSite As String)
          Dim sBatchFileToLoad As String = String.Empty
          sBatchFileToLoad = "FileA.Bat"
          Dim sArgument As String = sYearFolder & " " & sProjectName & " " & sAddConstructionSite
          Try
              Using P As New Process()
                  'Launch a standard hidden command window
                  P.StartInfo.FileName = "cmd.exe"
                  P.StartInfo.WindowStyle = ProcessWindowStyle.Hidden
                  P.StartInfo.CreateNoWindow = True
                  'Needed to redirect standard error/output/input
                  P.StartInfo.UseShellExecute = False
                  P.StartInfo.RedirectStandardInput = True
                  P.StartInfo.RedirectStandardOutput = True
                  'Add handler for when data is received
                  AddHandler P.OutputDataReceived, AddressOf SDR
                  'Start the process
                  P.Start()
                  'Begin async data reading
                  P.BeginOutputReadLine()
                  '"Map" our drive
                  P.StandardInput.WriteLine("pushd " & Application.StartupPath)
                  'Call our command, you could pass args here if you wanted
                  P.StandardInput.WriteLine(sBatchFileToLoad & " " & sArgument)
                  'Once our command is done CMD.EXE will still be sitting around so manually exit
                  P.StandardInput.WriteLine("exit")
                  P.WaitForExit()
              End Using
          Catch ex As Exception
              MessageBox.Show("Une erreur est survenue durant la création des répertoires" & vbCrLf & ex.Message.ToString)
          End Try
      End Sub
  Batch File command
  -- This command work fine and create the folder Gestion de Contrat
  md "Gestion de Contrat"  
  -- These command concerning grant fail
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(RX)
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(RD)
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(W)
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(M)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(RX)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(RD)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(W)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(M)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(RX)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(RD)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(W)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(M)
  Thanks in advance
  GC99

  Hi,
  I create a little windows application that have to create a list of Folder and also assign some User or group
  This application will be launched by any user from a shortcut on there own desktop
  The process in my application have to run under a domain User that will have the rights to execute those tasks
  The problem that I face now is that I can
  from my batch File create  all the folder that I need but the command that give the grant to certain users or group  fail. (See at the end of this question)
  I would like to know what permissions I have to give to the Impersonate user to achieve this goal
  Also where we should give this permission?  on a folder or  in active directory
  This is my application code and at the end you will find some command comming from the batch file that is execute from the process with the impersonate User
  I dont know if this is important but the domain use Active Directory 2008
  If there is something wrong I will appreciate to show me what I am doing wrong
  Vb Code
              Dim sDomain As String = My.Settings.DomainName
              Dim sUser As String = My.Settings.UserName
              Dim sPass As String = My.Settings.UserPassword
              Dim tokenHandle As New IntPtr(0)
              Try
                  If LogonUser(sUser, sDomain, sPass, 2, 0, tokenHandle) Then
                      Dim newId As New WindowsIdentity(tokenHandle)
                      Using impersonatedUser As WindowsImpersonationContext = newId.Impersonate()
                          'perform impersonated commands                        
                          ProcessBatchFile(sFullUncPath, sNoProject, sYear, sAddConstructionSite)
                      End Using
                      CloseHandle(tokenHandle)
                  Else
                      MessageBox.Show("Impossible to identify  the usager : " & sUser & " du domaine " & sDomain)
                  End If
              Catch ex As Exception
                  MessageBox.Show(ex.Message.ToString)
              Finally
                  lblWaitMessage.Visible = False
                  Me.btnGenerate.Enabled = True
                  Application.DoEvents()
              End Try
  Private Sub ProcessBatchFile(sFileRootPath As String, sProjectName As String, sYearFolder As String, sAddConstructionSite As String)
          Dim sBatchFileToLoad As String = String.Empty
          sBatchFileToLoad = "FileA.Bat"
          Dim sArgument As String = sYearFolder & " " & sProjectName & " " & sAddConstructionSite
          Try
              Using P As New Process()
                  'Launch a standard hidden command window
                  P.StartInfo.FileName = "cmd.exe"
                  P.StartInfo.WindowStyle = ProcessWindowStyle.Hidden
                  P.StartInfo.CreateNoWindow = True
                  'Needed to redirect standard error/output/input
                  P.StartInfo.UseShellExecute = False
                  P.StartInfo.RedirectStandardInput = True
                  P.StartInfo.RedirectStandardOutput = True
                  'Add handler for when data is received
                  AddHandler P.OutputDataReceived, AddressOf SDR
                  'Start the process
                  P.Start()
                  'Begin async data reading
                  P.BeginOutputReadLine()
                  '"Map" our drive
                  P.StandardInput.WriteLine("pushd " & Application.StartupPath)
                  'Call our command, you could pass args here if you wanted
                  P.StandardInput.WriteLine(sBatchFileToLoad & " " & sArgument)
                  'Once our command is done CMD.EXE will still be sitting around so manually exit
                  P.StandardInput.WriteLine("exit")
                  P.WaitForExit()
              End Using
          Catch ex As Exception
              MessageBox.Show("Une erreur est survenue durant la création des répertoires" & vbCrLf & ex.Message.ToString)
          End Try
      End Sub
  Batch File command
  -- This command work fine and create the folder Gestion de Contrat
  md "Gestion de Contrat"  
  -- These command concerning grant fail
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(RX)
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(RD)
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(W)
  icacls "Gestion de Contrat" /grant "Patrons":(OI)(CI)(M)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(RX)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(RD)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(W)
  icacls "Gestion de Contrat" /grant "Secretaires":(OI)(CI)(M)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(RX)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(RD)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(W)
  icacls "Gestion de Contrat" /grant "Administration":(OI)(CI)(M)
  Thanks in advance
  GC99

• Problem using weblogic6.1 to show image via JSP

            I am trying to load an image from database,we use Oracle8, the data type of the
            image field is Long Raw.
            The following code can work on Tomcat, that is it can show the image, but on weblogic
            it can not.
            <%@ page import="java.sql.*,javax.servlet.*,java.io.*" %>
            <%
            //Define the database connection: bedb
            %>
            <%
            response.setContentType("image/gif");
            ServletOutputStream ot = response.getOutputStream();
            BufferedOutputStream os = new BufferedOutputStream(ot);
            byte[] b = null;
            String m_Sql="select image from Image";
            ResultSet rsimage = bedb.executeQuery(m_Sql);
            if (rsimage.next())
            b=rsimage.getBytes(1);
            if(b!=null)
            os.write(b);
            os.flush();
            os.close();
            %>
            

  If you look at the generated code, you will see that there are newlines
            inserted before your image data. Your safest bet is to use servlet instead of
            JSP to generate binary data.
            nova <[email protected]> wrote:
            > I am trying to load an image from database,we use Oracle8, the data type of the
            > image field is Long Raw.
            > The following code can work on Tomcat, that is it can show the image, but on weblogic
            > it can not.
            > <%@ page import="java.sql.*,javax.servlet.*,java.io.*" %>
            > <%
            > //Define the database connection: bedb
            > ........
            > %>
            > <%
            > response.setContentType("image/gif");
            > ServletOutputStream ot = response.getOutputStream();
            > BufferedOutputStream os = new BufferedOutputStream(ot);
            > byte[] b = null;
            > String m_Sql="select image from Image";
            > ResultSet rsimage = bedb.executeQuery(m_Sql);
            > if (rsimage.next())
            > {
            > b=rsimage.getBytes(1);
            > }
            > if(b!=null)
            > {
            > os.write(b);
            > }
            > os.flush();
            > os.close();
            > %>
            Dimitri
            

• Security problems while applet servlet communication

  hi,
  iam using sun server for my application..iam calling an applet in a jsp page..when this applet loads it displays values which r retreived from other server using servlets..in applet init method iam calling a method called getDocClassDesc which is in applettoservet.java..in this method i will pass parameters to a servlet called interaction servlet..in servlet i will retreive parameter and call a bean method for getting docclassdesc..my problem is when i load this in browser it is not loading applet.and not showing anything..at the bottom of browser status bar showing that search applet not inited...
  what could be the problem..is it of permission policy of settings..if so i do set these things in sun server..give me the code also..
  if not any other problem plz give me hints..
  if i just display normal aplet without retreiving from servlet it is working fine..but when communicaion with servlet and retreivel then nothing..plz help me..
  regards,
  sam

  Trace would help maybe:
  To turn the full trace on (windows) you can start the java console, to be found here:
  C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe
  In the advanced tab you can fill in something for runtime parameters fill in this:
  -Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
  if you cannot start the java console check here:
  C:\Documents and Settings\userName\Application Data\Sun\Java\Deployment\deployment.properties
  add or change the following line:
  javaplugin.jre.params=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  The trace is here:
  C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log

• [Fwd: Security problem accessing MBeanServer from a servlet]

  Reposting to Security and Servlet newsgroups.
  -------- Original Message --------
  Subject: Security problem accessing MBeanServer from a servlet
  Date: 10 Feb 2004 13:02:09 -0800
  From: Alain <[email protected]>
  Reply-To: Alain <[email protected]>
  Organization: BEA NEWS SITE
  Newsgroups: weblogic.developer.interest.management
  Hi,
  I am trying to understand how WLS 7.0 secures a call to an MBean. Got
  the following
  scenario:
  - I am in a servlet context
  - I have created and registered an MBean with the WLS MBeanServer. Fine
  so far
  - Within the same call I can retrieve the MBean attributes. Fine so far
  - I keep the MBeanServer reference in an object global to the servlet
  context
  The problem:
  - When I do another request and try to use the cached MBeanServer
  instance to
  access the MBean, I get the following error:
  weblogic.management.NoAccessRuntimeException: Access not allowed for
  subject:
  principals=[], on ResourceType ...
  Any idea?
  Alain

  PaulF <paulf@reply_in_newsgroup.com> wrote:
  On 10 Feb 2004 13:02:09 -0800, Alain <[email protected]> wrote:
  Hi,
  I am trying to understand how WLS 7.0 secures a call to an MBean. Got
  the following
  scenario:
  - I am in a servlet context
  - I have created and registered an MBean with the WLS MBeanServer.Fine
  so far
  - Within the same call I can retrieve the MBean attributes. Fine sofar
  - I keep the MBeanServer reference in an object global to the servlet
  context
  The problem:
  - When I do another request and try to use the cached MBeanServer
  instance to
  access the MBean, I get the following error:
  weblogic.management.NoAccessRuntimeException: Access not allowed for
  subject:
  principals=[], on ResourceType ...
  Any idea?
  AlainWhat ResourceType are you trying to access. From the Exception you're
  trying to access it as an Anonymous user (principals=[]) and evidently
  you're attempting to access something that is protected. I can't tell
  what
  from the snippet you've included.
  Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
  Thanks Paul for your reply.
  You are right. I can access my custom MBeans if I am authenticated for example
  as an Administrator. My problem is that I want any application to access this
  MBean authenticated or not. I am trying to find how I could grant permission to
  this MBean to everyone. Still searching.
  Thanks.

• [svn:bz-trunk] 8910: Bug: LCDS-936 - Should have better error message in servlet log if server in services-config .xml is configured to use wrong class.

  Revision: 8910
  Author:   [email protected]
  Date:     2009-07-29 14:22:26 -0700 (Wed, 29 Jul 2009)
  Log Message:
  Bug: LCDS-936 - Should have better error message in servlet log if server in services-config.xml is configured to use wrong class.
  QA: Yes
  Doc: No
  Checkintests: Pass
  Ticket Links:
      http://bugs.adobe.com/jira/browse/LCDS-936
  Modified Paths:
      blazeds/trunk/modules/core/src/flex/messaging/MessageBrokerServlet.java

  After many hard working days.i finally found the error cause,i needed to make weblogic datasource also ADF doesnt work on internet explorer browser,it works on safary.hope it helps somebody

• Problems using jdk 1.4.0-beta 2 with JDeveloper 3.2.3

  I've problems using the jdk 1.4.0-beta 2 with JDeveloper 3.2.3.
  Used jdk 1.3.1 before, evertything worked correctly, accept a smal prob with the minimize- and maximize-icons of JInternalframe.
  Got mail that this would be solved with new jdk.
  But when i define new JDK in JDeveloper and try to compile i get the following message:
  Error: (0) initialization error: class Error const *: class file has wrong version 48.0, should be 45.3 or 46.0.
  If i compile the code from the commandline with javac myself it compiles correctly and the program runs fine.
  can anyone help??

  The problem you are having is that jdev doesn't support the new beta..I have the same problem and I am currently compiling and executing from the command line
  I heard there is a workaround but I have never found it
  sorry

• The padlock icon shown when entering secure sites using Firefox 3.x is not displayed using Firefox 4. How can this be restored? Is it indicating another problem?

  The padlock icon shown when entering secure sites using Firefox 3.x is not displayed using Firefox 4.

  It has been changed. Please read this article:
  https://support.mozilla.com/en-US/kb/Site%20Identity%20Button
  You can use this add-on to get the classic icon back:
  https://addons.mozilla.org/en-US/firefox/addon/padlock-icon/

• Open Jasper Report in new page using servlet

  Guys,
  Looks very simple but i am having problem making this process work. I am using 11.1.1.4
  This is my use case:
  - From a employee page, user clicks on a menu item to open report for current employee. I need to pass appropriate report parameters to servlet and open report into new page.
  I can successfully call servlet using commandmenuitem and set request parameters and call servlet from backing bean.... but that doesn't open report in a new page.... any way i can do this?
  Another option i tried was that using gomenuitem and setting target=blank but in that case i need to pass the parameter using servlet url which i like to avoid.(in case i need to pass many parameters in future) (also values will be set on page so i need to generate url when then click the menuitem...... so there are some hoops and loops i need to go through) I don't know a way to pass the request parameter using backing bean to servlet... i don't think it is possible.
  Those are the two approaches i tried.
  If you have any better approach...I would appreciate if you can let me know. (i have searched on internet for two days now.... for the solution)
  -R
  Edited by: polo on Dec 13, 2011 7:22 AM

  Hi,
  Hope following will useful
  http://sameh-nassar.blogspot.com/2009/10/using-jasper-reports-with-jdeveloper.html
  http://www.gebs.ro/blog/oracle/jasper-reports-in-adf/

• Problem using integrated WLS in jDeveloper 11.1.2.1.0

  Hey there,
  I got a problem using the integrated WLS from the jDeveloper 11.1.2.1.0.
  After trying to deploy an ADF Web Application on the integrated WLS, I get the following log message:
  LOG
  +[Waiting for the domain to finish building...]+
  +[11:26:04 AM] Creating Integrated Weblogic domain...+
  +[11:28:13 AM] Extending Integrated Weblogic domain...+
  +[11:30:06 AM] Integrated Weblogic domain processing completed successfully.+
  *** Using HTTP port 7101 ***
  *** Using SSL port 7102 ***
  +/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/bin/startWebLogic.sh+
  +[waiting for the server to complete its initialization...]+
  +.+
  +.+
  JAVA Memory arguments: -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m  -XX:MaxPermSize=512m
  +.+
  WLS Start Mode=Development
  +.+
  CLASSPATH=/home/robin/bin/wls/oracle_common/modules/oracle.jdbc_11.1.1/ojdbc6dms.jar:/home/robin/bin/wls/patch_wls1211/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/robin/bin/wls/patch_oepe100/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/robin/bin/wls/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/robin/bin/wls/jdk160_29/lib/tools.jar:/home/robin/bin/wls/wlserver_12.1/server/lib/weblogic_sp.jar:/home/robin/bin/wls/wlserver_12.1/server/lib/weblogic.jar:/home/robin/bin/wls/modules/features/weblogic.server.modules_12.1.1.0.jar:/home/robin/bin/wls/wlserver_12.1/server/lib/webservices.jar:/home/robin/bin/wls/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/robin/bin/wls/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:/home/robin/bin/wls/oracle_common/modules/oracle.jrf_11.1.1/jrf.jar:/home/robin/bin/wls/wlserver_12.1/common/derby/lib/derbyclient.jar:/home/robin/bin/wls/wlserver_12.1/server/lib/xqrl.jar
  +.+
  PATH=/home/robin/bin/wls/wlserver_12.1/server/bin:/home/robin/bin/wls/modules/org.apache.ant_1.7.1/bin:/home/robin/bin/wls/jdk160_29/jre/bin:/home/robin/bin/wls/jdk160_29/bin:/usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/games/bin
  +.+
  +*  To start WebLogic Server, use a username and   *+
  +*  password assigned to an admin-level user.  For *+
  +*  server administration, use the WebLogic Server *+
  +*  console at http://hostname:port/console        *+
  starting weblogic with Java version:
  java version "1.6.0_29"
  Java(TM) SE Runtime Environment (build 1.6.0_29-b11)
  Java HotSpot(TM) Client VM (build 20.4-b02, mixed mode)
  Starting WLS with line:
  +/home/robin/bin/wls/jdk160_29/bin/java -client -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m -XX:MaxPermSize=512m -Dweblogic.Name=DefaultServer -Djava.security.policy=/home/robin/bin/wls/wlserver_12.1/server/lib/weblogic.policy -Djavax.net.ssl.trustStore=/tmp/trustStore7618453572230021232.jks -Dhttp.proxyHost=emea-proxy.uk.oracle.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=localhost|localhost.localdomain|127.0.0.1|::1|MUELLER-BADY-GENTOO|MUELLER-BADY-GENTOO -Dhttps.proxyHost=emea-proxy.uk.oracle.com -Dhttps.proxyPort=80 -Doracle.jdeveloper.adrs=true -Dweblogic.nodemanager.ServiceEnabled=true -Xverify:none -Djava.endorsed.dirs=/home/robin/bin/wls/jdk160_29/jre/lib/endorsed:/home/robin/bin/wls/wlserver_12.1/endorsed -da -Dplatform.home=/home/robin/bin/wls/wlserver_12.1 -Dwls.home=/home/robin/bin/wls/wlserver_12.1/server -Dweblogic.home=/home/robin/bin/wls/wlserver_12.1/server -Djps.app.credential.overwrite.allowed=true -Dcommon.components.home=/home/robin/bin/wls/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain -Djrockit.optfile=/home/robin/bin/wls/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/config/fmwconfig/servers/DefaultServer -Doracle.domain.config.dir=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/config/fmwconfig -Digf.arisidbeans.carmlloc=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/config/fmwconfig/carml -Digf.arisidstack.home=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/servers/DefaultServer/tmp/_WL_user -Doracle.deployed.app.ext=/- -Dweblogic.alternateTypesDirectory=/home/robin/bin/wls/oracle_common/modules/oracle.ossoiap_11.1.1,/home/robin/bin/wls/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.jdbc.remoteEnabled=false -Dwsm.repository.path=/home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/oracle/store/gmds -Dweblogic.management.discover=true -Dwlw.iterativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=/home/robin/bin/wls/patch_wls1211/profiles/default/sysext_manifest_classpath:/home/robin/bin/wls/patch_oepe100/profiles/default/sysext_manifest_classpath:/home/robin/bin/wls/patch_ocp371/profiles/default/sysext_manifest_classpath weblogic.Server+
  +<Feb 10, 2012 11:30:09 AM CET> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>+
  +<Feb 10, 2012 11:30:10 AM CET> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>+
  +<Feb 10, 2012 11:30:11 AM CET> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) Client VM Version 20.4-b02 from Sun Microsystems Inc..>+
  +<Feb 10, 2012 11:30:12 AM CET> <Info> <Management> <BEA-141107> <Version: WebLogic Server 12.1.1.0 Wed Dec 7 08:40:57 PST 2011 1445491 >+
  +<Feb 10, 2012 11:30:15 AM CET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING.>+
  +<Feb 10, 2012 11:30:15 AM CET> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool.>+
  +<Feb 10, 2012 11:30:15 AM CET> <Notice> <Log Management> <BEA-170019> <The server log file /home/robin/.jdeveloper/system11.1.2.1.38.60.81/DefaultDomain/servers/DefaultServer/logs/DefaultServer.log is opened. All server side log events will be written to this file.>+
  Feb 10, 2012 11:30:24 AM oracle.security.jps.internal.keystore.file.FileKeyStoreManager saveKeyStore
  WARNING: Failed to save farm keystore. Reason {0}
  Feb 10, 2012 11:30:24 AM oracle.security.jps.internal.keystore.file.FileKeyStoreManager createKeyStore
  WARNING: Failed to save farm keystore. Reason {0}
  oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06513: Failed to save farm keystore. Reason
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreManager.createKeyStore(FileKeyStoreManager.java:309)+
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.doInit(FileKeyStoreServiceImpl.java:95)+
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.<init>(FileKeyStoreServiceImpl.java:73)+
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.<init>(FileKeyStoreServiceImpl.java:63)+
  +     at oracle.security.jps.internal.keystore.KeyStoreProvider.getInstance(KeyStoreProvider.java:157)+
  +     at oracle.security.jps.internal.keystore.KeyStoreProvider.getInstance(KeyStoreProvider.java:64)+
  +     at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.findServiceInstance(ContextFactoryImpl.java:139)+
  +     at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:170)+
  +     at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:191)+
  +     at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:132)+
  +     at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:127)+
  +     at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:850)+
  +     at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:844)+
  +     at java.security.AccessController.doPrivileged(Native Method)+
  +     at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)+
  +     at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)+
  +     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)+
  +     at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)+
  +     at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)+
  +     at java.lang.reflect.Constructor.newInstance(Constructor.java:513)+
  +     at java.lang.Class.newInstance0(Class.java:355)+
  +     at java.lang.Class.newInstance(Class.java:308)+
  +     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1343)+
  +     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)+
  +     at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)+
  +     at weblogic.security.SecurityService.start(SecurityService.java:148)+
  +     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)+
  +     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)+
  +     at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)+
  +<Feb 10, 2012 11:30:24 AM CET> <Error> <Security> <BEA-090892> <The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider>+
  +<Feb 10, 2012 11:30:24 AM CET> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider+
  +weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider+
  +     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1402)+
  +     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)+
  +     at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)+
  +     at weblogic.security.SecurityService.start(SecurityService.java:148)+
  +     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)+
  +     Truncated. see log file for complete stacktrace+
  +Caused By: oracle.security.jps.JpsRuntimeException: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:293)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)+
  +     at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)+
  +     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)+
  +     at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)+
  +     Truncated. see log file for complete stacktrace+
  +Caused By: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider+
  +     at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:899)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)+
  +     at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)+
  +     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)+
  +     Truncated. see log file for complete stacktrace+
  +Caused By: java.security.PrivilegedActionException: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!+
  +     at java.security.AccessController.doPrivileged(Native Method)+
  +     at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)+
  +     at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)+
  +     Truncated. see log file for complete stacktrace+
  +Caused By: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!+
  +     at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:860)+
  +     at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:844)+
  +     at java.security.AccessController.doPrivileged(Native Method)+
  +     at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)+
  +     at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)+
  +     Truncated. see log file for complete stacktrace+
  Caused By: oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06513: Failed to save farm keystore. Reason
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreManager.createKeyStore(FileKeyStoreManager.java:309)+
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.doInit(FileKeyStoreServiceImpl.java:95)+
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.<init>(FileKeyStoreServiceImpl.java:73)+
  +     at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.<init>(FileKeyStoreServiceImpl.java:63)+
  +     at oracle.security.jps.internal.keystore.KeyStoreProvider.getInstance(KeyStoreProvider.java:157)+
  +     Truncated. see log file for complete stacktrace+
  +>+
  +<Feb 10, 2012 11:30:24 AM CET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED.>+
  +<Feb 10, 2012 11:30:24 AM CET> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down.>+
  +<Feb 10, 2012 11:30:24 AM CET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN.>+
  Process exited.
  */LOG*
  After that, I tried setting permissions for the cwallet.sso file to ugo+rwx, but this leads to the same problems as mentioned above.
  My second try was to setup an external WLS 12c, but it seems to be not yet possible to connect to a WLS 12c from within jDeveloper.
  Do you have any ideas ?
  Thank you in advance for your help.
  Regards,
  Robin

  After debugging the WLS Initialisation with jdb, I recognized that there was some trouble with dependent libraries.
  In the end, I solved my problem by using another OS (Ubuntu 11.10) for development. There, the WLS works out of the box, even with 64-Bit libraries.
  Thank you for your help.
  Regards,
  Robin

• I am currently using Firefox Version 1.5.0.12 on my iBook G4 with Mac OS X Version 10.3.9. I have problems using Facebook. What can I do?

  I am currently using Firefox Version 1.5.0.12 on my iBook G4 with Mac OS X Version 10.3.9. I have problems using Facebook. I cannot confirm friend requests or view messages in the inbox for instance. What can I do?
  == URL of affected sites ==
  http://facebook.com

  Firefox 2.0.0.20 is the last ever release for Mac OSX 10.3.9 and earlier versions, but that may not work any better because some large websites are blocking those older browsers or dropping support for older browsers like IE6 & earlier, and Firefox 2 & earlier due to security issues.
  Using Safari on those websites ''(not enough total users for websites to be concerned about)'', or installing a new version of MacOSX are two solutions; or getting a new computer.

• Need to solve serious security problem with Oracle Reports URL

  As mentioned repeatedly on this forum, Oracle Reports allows serious security breaches that allow users to see reports that they did not generate -- it's easy to guess a legal URL by changing the getjobid parameter.
  I've reviewed the JavaDocs to part of the rwrun.jar file and reviewed some of the example report plugins. This shows promise in helping to solve this security problem but critical pieces are missing.
  1) The javadocs are accurate for only 10g (9.0.4) but not correct for 10g (10.1.2+), which we are currently using. I need access to the updated version of this javadoc.
  2) Even with the updated version of the JavaDoc, I haven't found a class from which to inherit that would give me the opportunity to generate random jobid values, which then would effectively prevent users from guessing other jobid values, and thereby gaining access to other's reports (which in our cases, may contain sensitive information.
  3) We have found that we can send the parameter=value of EXPIRATION=1 which helps protect such information, but this requires that every program which invokes a report be modified to add this parameter. It would be far better for the report server to be configured to use a java class we write that inherits from some rwrun.jar class that would by default, add the EXPIRATION=1 parameter.

  Hi,
  Thanks for our replies. I will ask to an administrator about this security problem, now I know it depends of a security parameter.
  But I would know if it could be possible to hide the technical name of the query in the url. It could improve the security level of our reports in a first time in this way.
  Thanks a lot,
  JW.

• ADF Security to J2EE Container Managed Security Problems

  Hi al!
  I had ADF security enabled in my application. I've added roles and users to embedded OC4J Server Preferences..., configured authorization using pageDefs... (following the Introduction to ADF Security in JDeveloper 10.1.3.2 howto).
  For the sake of friendlier user and roles management I decided to go to 2EE Container Managed Security (I want application manager in production environment to be able to manage users in only one place, not in DB table and extra for web app). I followed Frank Nimphius's Database Authentication and Authorization in J2EE Container Managed Security article.
  Now I have some problems. I removed users and roles from embedded OC4J Server Preferences... (I believe this are used only for ADF security, am I right?). I can log to application with admin user account (app index page doesn't have any binds and even pageDef), but when trying to access admin pages I get 401 Unauthorized page.
  What am I doing wrong, probably I've forgotten something? I'm a bit confused now with users and roles settings and ADF and container managed security.
  Part of my web.xml file:
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <init-param>
  <param-name>success_url</param-name>
  <param-value>/faces/app/index.jspx</param-value>
  </init-param>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
  <servlet-name>adfAuthentication</servlet-name>
  <url-pattern>/adfAuthentication/*</url-pattern>
  </servlet-mapping>
  <security-role>
  <description>Admins</description>
  <role-name>admin_role</role-name>
  </security-role>
  <security-role>
  <description>Users</description>
  <role-name>user_role</role-name>
  </security-role>
  <security-role>
  <role-name>oc4j-administrators</role-name>
  </security-role>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>AllAdmins</web-resource-name>
  <url-pattern>faces/admin/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>admin_role</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>AllUsers</web-resource-name>
  <url-pattern>faces/app/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>user_role</role-name>
  <role-name>admin_role</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>adfAuthentication</web-resource-name>
  <url-pattern>/adfAuthentication</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>oc4j-administrators</role-name>
  <role-name>user_role</role-name>
  <role-name>admin_role</role-name>
  </auth-constraint>
  </security-constraint>
  Do I have to remove this adfAuthentication tags?
  I know I've made things a bit complicated for me now and for anyone to help, but I hope I will get at least some pointers what to do now and maybe some explanation about roles in container managed security? Is it enaugh to have security constraints and roles defined in web.xml file or they have to be defined somewhere else also (beside the database)?
  Thank you in advance!
  Bye
  PS
  Maybe stack trace after login:
  FINE: LoginConfigProvider.ctr: lmm=[LoginModuleManager: jznCfg=[JAZNConfig null], appConfigEntries={oracle.security.jazn.oc4j.CertificateAuthenticator=[javax.security.auth.login.AppConfigurationEntry@3625d0], oracle.security.jazn.tools.Admintool=[javax.security.auth.login.AppConfigurationEntry@eca6e7], oracle.security.jazn.oc4j.WebCoreIDSSOAuthenticator=[javax.security.auth.login.AppConfigurationEntry@c1c7c4], oracle.security.jazn.oc4j.DigestAuthenticator=[javax.security.auth.login.AppConfigurationEntry@221f81], oracle.security.wss.jaas.SAMLAuthManager=[javax.security.auth.login.AppConfigurationEntry@426e05], oracle.security.jazn.oc4j.JAZNUserManager=[javax.security.auth.login.AppConfigurationEntry@145240a], current-workspace-app=[javax.security.auth.login.AppConfigurationEntry@4120aa], oracle.security.wss.jaas.JAASAuthManager=[javax.security.auth.login.AppConfigurationEntry@1c78f98]}]
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option data_source_name = jdbc/TESTDbDS
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option table = APPLICATION_USER
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option groupMembershipTableName = APPLICATION_ROLE
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option usernameField = USR_EMAIL
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option passwordField = USR_PSW
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option groupMembershipGroupFieldName = ROLE_NAME
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option user_pk_column = USR_EMAIL
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option roles_fk_column = USR_EMAIL
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option pw_encoding_class = null
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option realm_column = null
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option application_realm = null
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
  FINE: [DBTableOraDataSourceLoginModule] option casing = toupper
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
  FINE: [DBTableOraDataSourceLoginModule]login called on DBTableLoginModule
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
  FINE: [DBTableOraDataSourceLoginModule]Calling callbackhandler ...
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
  FINE: [DBTableOraDataSourceLoginModule]Username returned by callback = admin
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
  FINE: [DBTableOraDataSourceLoginModule]Username changed to case as defined by toupper to ADMIN
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]User query string: select USR_EMAIL,USR_PSW from APPLICATION_USER where USR_EMAIL= (?)
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]User primary key value found = ADMIN
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]Password encoded by: oracle.security.jazn.login.module.db.util.DBLoginModuleClearTextEncoder
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]User ADMIN authenticated successfully
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]Roles query string: select ROLE_NAME from APPLICATION_ROLE where USR_EMAIL= (?)
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]DBUser Principal Name: ADMIN
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
  FINE: [DBTableOraDataSourceLoginModule]DBRole Principal Name: admin_role
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
  FINE: [DBTableOraDataSourceLoginModule]Logon Successful = true
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
  FINE: [DBTableOraDataSourceLoginModule]Subject contains 0 Principals before auth
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
  FINE: [DBTableOraDataSourceLoginModule]Local LM commit succeeded
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
  FINE: [DBTableOraDataSourceLoginModule]Subject contains 2 Principals after auth
  24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
  FINE: [DBTableOraDataSourceLoginModule]Cleaning internal state!

  Hi there!
  I have another question about this. I've modified a bit DBRolePrincipal class to see what's going on. At the beginning of the equals(Object another) method I added this lines:
  log("method equals start",0);
  log("another type = " + another.getClass(), 0);
  if (another instanceof Principal)
  Principal mine = (Principal)another;
  log("Principal mine.getName() = " + mine.getName(), 0);
  The result is this output (after navigating to page that gives 401 forbidden):
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
  07/10/12 08:38:36 [DBRolePrincipal] method equals start
  07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
  07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
  Why is the name of ADFRolePrincipal always anyone? When I sign in with this user the output says:
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] User query string: select USERNAME,PASSWORD from ACTIVE_APP_USER_V where USERNAME= (?)
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] User primary key value found = admin_user
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Password encoded by: oracle.sample.dbloginmodule.util.DBLoginModuleCearTextEncoder
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] User admin_user authenticated successfully
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Roles query string: select ROLE_NAME from ACTIVE_APP_ROLE_V where USERNAME= (?)
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] DBRole Principal Name: admin_role
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] DBUser Principal Name: admin_user
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Logon Successful = true
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Subject contains 0 Principals before auth
  07/10/12 08:46:09 [DBUserPrincipal] method equals start
  07/10/12 08:46:09 [DBUserPrincipal] another type = class oracle.sample.dbloginmodule.principals.DBRolePrincipal
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Local LM commit succeeded
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Subject contains 2 Principals after auth
  07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Cleaning internal state!
  Frank, if you haven't given up on this issue yet could you please try to explain this to me? Why doesn't admin_role principal never get compared in [equals[/i] method?
  Thank you!
  BB

• Cocoon2 weblogic (5.1 sp6) class loader security problem

  Hello folks,
  System:
  Cocoon: v2.0
  JDK: Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-C),
  Java HotSpot(TM) Client VM (build 1.3.0-C, mixed mode)
  OS: NT4 SP5
  Servlet: v2.2
  AppServer: Weblogic 5.1 SP6
  Symptoms:
  I've updated our application from Cocoon 1.7.4 to Cocoon2. After I
  figured out what libraries I need on the Weblogic's classpath, I managed
  to envoke the MyServlet (MyServlet extends CocoonServlet). The technique
  I am using is the one I used with the Cocoon v1.7.4: extend Cocoon
  servlet and wrap the HttpServletRequest in MyRequest to provide the XML
  content. I changed the line <map:generators default="request"> in
  sitemap.xmap to specify the location of the source. Configuration files
  seem to be read correctly and the file
  <myWebAppContext>/WEB-INF/_tmp_war/org/apache/cocoon/www/sitemap_xmap.java
  is generated (but there is no class file generated)!
  I looked at the cocoon.log file and looks like a class loader security
  problem: the \WEB-INF\_tmp_war gets locked! Is there any workaround this
  problem? Any help is much appreciated!
  cocoon.log file generated:
  DEBUG 62 [cocoon  ] (ExecuteThread-11): Using configuration file:
  /cocoon.xconf
  INFO 62 [cocoon  ] (ExecuteThread-11): Reloading from:
  file:D:/Programs/cocoon-1.8.2/samples/cocoon.xconf
  DEBUG 93 [cocoon  ] (ExecuteThread-11): New Cocoon object.
  DEBUG 93 [cocoon  ] (ExecuteThread-11): Using parser:
  org.apache.cocoon.components.parser.JaxpParser
  DEBUG 109 [cocoon  ] (ExecuteThread-11): Creating Repository with
  this directory: D:\programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
  DEBUG 109 [cocoon  ] (ExecuteThread-11): Classpath =
  D:\Programs\cocoon-1.8.2\samples\WEB-INF\classes;D:\Programs\cocoon-1.8.2\samples\WEB-INF\lib\javac.jar;D:\avue\lib\servlet.jar;D:\avue\lib\jaxp.jar;D:\avue\lib\xerces.jar;D:\avue\lib\xalan.jar;D:\avue\lib\cocoon.jar;D:\avue\lib\avalonapi.jar;D:\avue\lib\logkit.jar;D:\avue\lib\maybeupload.jar;D:\avue\lib\jakarta-regexp-1.2.jar;D:\avue\lib\jstyle.jar;D:\avue\lib\javac.jar;D:\weblogic\lib\weblogic510sp6boot.jar;D:\weblogic\classes\boot;
  DEBUG 109 [cocoon  ] (ExecuteThread-11): Work directory =
  D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
  DEBUG 125 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 140 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 140 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 140 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 390 [cocoon  ] (ExecuteThread-11): Root configuration:
  cocoon
  DEBUG 390 [cocoon  ] (ExecuteThread-11): Configuration version:
  2.0
  DEBUG 390 [cocoon  ] (ExecuteThread-11): Setting up components...
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.parser.Parser =
  org.apache.cocoon.components.parser.JaxpParser)
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.language.generator.ProgramGenerator =
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl)
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.url.URLFactory =
  org.apache.cocoon.components.url.URLFactoryImpl)
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.saxconnector.SAXConnector =
  org.apache.cocoon.components.saxconnector.NullSAXConnector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.avalon.util.datasource.DataSourceComponentSelector =
  org.apache.cocoon.components.CocoonComponentSelector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.avalon.util.pool.PoolController =
  org.apache.cocoon.components.ComponentPoolController)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.language.programming.ProgrammingLanguageSelector
  = org.apache.cocoon.components.CocoonComponentSelector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.language.markup.MarkupLanguageSelector =
  org.apache.cocoon.components.CocoonComponentSelector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.store.Store =
  org.apache.cocoon.components.store.MemoryStore)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.classloader.ClassLoaderManager =
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Setting up the sitemap.
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Sitemap location =
  sitemap.xmap
  DEBUG 703 [cocoon  ] (ExecuteThread-11): ComponentFactory creating
  new instance of org.apache.cocoon.components.url.URLFactoryImpl.
  DEBUG 703 [cocoon  ] (ExecuteThread-11): Getting the URLFactories
  DEBUG 703 [cocoon  ] (ExecuteThread-11): for protocol:
  resource org.apache.cocoon.components.url.ResourceURLFactory
  DEBUG 718 [cocoon  ] (ExecuteThread-11): for protocol: context
  org.apache.cocoon.components.url.ContextURLFactory
  DEBUG 718 [cocoon  ] (ExecuteThread-11): Beginning sitemap
  regeneration
  DEBUG 718 [cocoon  ] (ExecuteThread-11): Making URL from
  file:/D:/Programs/cocoon-1.8.2/samples/sitemap.xmap
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.
  DEBUG 718 [cocoon  ] (Thread-1): Could not find ComponentHandler,
  attempting to create one for role:
  org.apache.cocoon.components.language.generator.ServerPagesSelector
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.generator.GeneratorSelector.
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.
  DEBUG 718 [cocoon  ] (Thread-1): CocoonComponentSelector setting
  up with root element:
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of org.apache.cocoon.components.CocoonComponentSelector.
  DEBUG 718 [cocoon  ] (Thread-1): CocoonComponentSelector setting
  up with root element: markup-languages
  DEBUG 734 [cocoon  ] (Thread-1): Adding
  org.apache.cocoon.components.language.markup.xsp.XSPMarkupLanguage for
  xsp
  DEBUG 734 [cocoon  ] (Thread-1): Adding
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage
  for sitemap
  DEBUG 734 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of org.apache.cocoon.components.CocoonComponentSelector.
  DEBUG 734 [cocoon  ] (Thread-1): CocoonComponentSelector setting
  up with root element: programming-languages
  DEBUG 750 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.programming.java.JavaLanguage.
  DEBUG 750 [cocoon  ] (Thread-1): Looking up
  org.apache.cocoon.components.classloader.ClassLoaderManager
  DEBUG 750 [cocoon  ] (Thread-1): Setting the parameters
  DEBUG 750 [cocoon  ] (Thread-1): Adding
  org.apache.cocoon.components.language.programming.java.JavaLanguage for
  java
  DEBUG 765 [cocoon  ] (Thread-1): The instance was not accessible,
  creating it now.
  DEBUG 765 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  DEBUG 1718 [cocoon  ] (Thread-1): Making URL from
  jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  DEBUG 1718 [cocoon  ] (Thread-1): Logicsheet
  Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  WARN 4109 [cocoon  ] (Thread-1): Could not load class for program
  'org\apache\cocoon\www\sitemap_xmap'
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
  at
  java.security.AccessController.checkPermission(AccessController.java:399)
  at
  java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
  at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
  at
  java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
  at
  java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
  at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
  at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
  at
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 4109 [cocoon  ] (Thread-1): Language Exception
  org.apache.cocoon.components.language.LanguageException: Could not load
  class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 4109 [cocoon  ] (Thread-1): ComponentFactory decommissioning
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  DEBUG 4109 [cocoon  ] (Thread-1): Can't load ServerPage
  org.apache.avalon.ComponentManagerException: Could not add component for
  class: org.apache.cocoon.www.sitemap_xmap
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:172)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 4109 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  DEBUG 4359 [cocoon  ] (Thread-1): Making URL from
  jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  DEBUG 4359 [cocoon  ] (Thread-1): Logicsheet
  Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  WARN 6109 [cocoon  ] (Thread-1): Could not load class for program
  'org\apache\cocoon\www\sitemap_xmap'
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
  at
  java.security.AccessController.checkPermission(AccessController.java:399)
  at
  java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
  at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
  at
  java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
  at
  java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
  at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
  at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
  at
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 6109 [cocoon  ] (Thread-1): Language Exception
  org.apache.cocoon.components.language.LanguageException: Could not load
  class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 6109 [cocoon  ] (Thread-1): ComponentFactory decommissioning
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  ERROR 6109 [cocoon  ] (Thread-1): Error compiling sitemap
  org.apache.avalon.ComponentManagerException: Could not add component for
  class: org.apache.cocoon.www.sitemap_xmap
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:219)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): Changing Cocoon
  context(sitemap.xmap) to prefix()
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): from
  context(file:/D:/Programs/cocoon-1.8.2/samples/) and prefix()
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): at URI
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): New context is
  file:/D:/Programs/cocoon-1.8.2/samples/
  ERROR 6140 [cocoon  ] (ExecuteThread-11): Problem with servlet
  org.apache.cocoon.ProcessingException: The sitemap handler's sitemap is
  not available.
  at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:106)
  at org.apache.cocoon.Cocoon.process(Cocoon.java:218)
  at
  org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:417)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:123)
  at
  weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:761)
  at
  weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:708)
  at
  weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
  at
  weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:346)
  at
  weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:246)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:135)
  INFO 6187 [cocoon  ] (ExecuteThread-11): '' Processed by Apache
  Cocoon 2.0a4 in 5.75 seconds.
  ================================================================
  Regards,
  Georgi

  Hello folks,
  System:
  Cocoon: v2.0
  JDK: Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-C),
  Java HotSpot(TM) Client VM (build 1.3.0-C, mixed mode)
  OS: NT4 SP5
  Servlet: v2.2
  AppServer: Weblogic 5.1 SP6
  Symptoms:
  I've updated our application from Cocoon 1.7.4 to Cocoon2. After I
  figured out what libraries I need on the Weblogic's classpath, I managed
  to envoke the MyServlet (MyServlet extends CocoonServlet). The technique
  I am using is the one I used with the Cocoon v1.7.4: extend Cocoon
  servlet and wrap the HttpServletRequest in MyRequest to provide the XML
  content. I changed the line <map:generators default="request"> in
  sitemap.xmap to specify the location of the source. Configuration files
  seem to be read correctly and the file
  <myWebAppContext>/WEB-INF/_tmp_war/org/apache/cocoon/www/sitemap_xmap.java
  is generated (but there is no class file generated)!
  I looked at the cocoon.log file and looks like a class loader security
  problem: the \WEB-INF\_tmp_war gets locked! Is there any workaround this
  problem? Any help is much appreciated!
  cocoon.log file generated:
  DEBUG 62 [cocoon  ] (ExecuteThread-11): Using configuration file:
  /cocoon.xconf
  INFO 62 [cocoon  ] (ExecuteThread-11): Reloading from:
  file:D:/Programs/cocoon-1.8.2/samples/cocoon.xconf
  DEBUG 93 [cocoon  ] (ExecuteThread-11): New Cocoon object.
  DEBUG 93 [cocoon  ] (ExecuteThread-11): Using parser:
  org.apache.cocoon.components.parser.JaxpParser
  DEBUG 109 [cocoon  ] (ExecuteThread-11): Creating Repository with
  this directory: D:\programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
  DEBUG 109 [cocoon  ] (ExecuteThread-11): Classpath =
  D:\Programs\cocoon-1.8.2\samples\WEB-INF\classes;D:\Programs\cocoon-1.8.2\samples\WEB-INF\lib\javac.jar;D:\avue\lib\servlet.jar;D:\avue\lib\jaxp.jar;D:\avue\lib\xerces.jar;D:\avue\lib\xalan.jar;D:\avue\lib\cocoon.jar;D:\avue\lib\avalonapi.jar;D:\avue\lib\logkit.jar;D:\avue\lib\maybeupload.jar;D:\avue\lib\jakarta-regexp-1.2.jar;D:\avue\lib\jstyle.jar;D:\avue\lib\javac.jar;D:\weblogic\lib\weblogic510sp6boot.jar;D:\weblogic\classes\boot;
  DEBUG 109 [cocoon  ] (ExecuteThread-11): Work directory =
  D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
  DEBUG 125 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 140 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 140 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 140 [cocoon  ] (Thread-0): ComponentFactory creating new
  instance of org.apache.cocoon.components.parser.JaxpParser.
  DEBUG 390 [cocoon  ] (ExecuteThread-11): Root configuration:
  cocoon
  DEBUG 390 [cocoon  ] (ExecuteThread-11): Configuration version:
  2.0
  DEBUG 390 [cocoon  ] (ExecuteThread-11): Setting up components...
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.parser.Parser =
  org.apache.cocoon.components.parser.JaxpParser)
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.language.generator.ProgramGenerator =
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl)
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.url.URLFactory =
  org.apache.cocoon.components.url.URLFactoryImpl)
  DEBUG 406 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.saxconnector.SAXConnector =
  org.apache.cocoon.components.saxconnector.NullSAXConnector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.avalon.util.datasource.DataSourceComponentSelector =
  org.apache.cocoon.components.CocoonComponentSelector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.avalon.util.pool.PoolController =
  org.apache.cocoon.components.ComponentPoolController)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.language.programming.ProgrammingLanguageSelector
  = org.apache.cocoon.components.CocoonComponentSelector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.language.markup.MarkupLanguageSelector =
  org.apache.cocoon.components.CocoonComponentSelector)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.store.Store =
  org.apache.cocoon.components.store.MemoryStore)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Adding component
  (org.apache.cocoon.components.classloader.ClassLoaderManager =
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl)
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Setting up the sitemap.
  DEBUG 422 [cocoon  ] (ExecuteThread-11): Sitemap location =
  sitemap.xmap
  DEBUG 703 [cocoon  ] (ExecuteThread-11): ComponentFactory creating
  new instance of org.apache.cocoon.components.url.URLFactoryImpl.
  DEBUG 703 [cocoon  ] (ExecuteThread-11): Getting the URLFactories
  DEBUG 703 [cocoon  ] (ExecuteThread-11): for protocol:
  resource org.apache.cocoon.components.url.ResourceURLFactory
  DEBUG 718 [cocoon  ] (ExecuteThread-11): for protocol: context
  org.apache.cocoon.components.url.ContextURLFactory
  DEBUG 718 [cocoon  ] (ExecuteThread-11): Beginning sitemap
  regeneration
  DEBUG 718 [cocoon  ] (ExecuteThread-11): Making URL from
  file:/D:/Programs/cocoon-1.8.2/samples/sitemap.xmap
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.
  DEBUG 718 [cocoon  ] (Thread-1): Could not find ComponentHandler,
  attempting to create one for role:
  org.apache.cocoon.components.language.generator.ServerPagesSelector
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.generator.GeneratorSelector.
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.
  DEBUG 718 [cocoon  ] (Thread-1): CocoonComponentSelector setting
  up with root element:
  DEBUG 718 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of org.apache.cocoon.components.CocoonComponentSelector.
  DEBUG 718 [cocoon  ] (Thread-1): CocoonComponentSelector setting
  up with root element: markup-languages
  DEBUG 734 [cocoon  ] (Thread-1): Adding
  org.apache.cocoon.components.language.markup.xsp.XSPMarkupLanguage for
  xsp
  DEBUG 734 [cocoon  ] (Thread-1): Adding
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage
  for sitemap
  DEBUG 734 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of org.apache.cocoon.components.CocoonComponentSelector.
  DEBUG 734 [cocoon  ] (Thread-1): CocoonComponentSelector setting
  up with root element: programming-languages
  DEBUG 750 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.programming.java.JavaLanguage.
  DEBUG 750 [cocoon  ] (Thread-1): Looking up
  org.apache.cocoon.components.classloader.ClassLoaderManager
  DEBUG 750 [cocoon  ] (Thread-1): Setting the parameters
  DEBUG 750 [cocoon  ] (Thread-1): Adding
  org.apache.cocoon.components.language.programming.java.JavaLanguage for
  java
  DEBUG 765 [cocoon  ] (Thread-1): The instance was not accessible,
  creating it now.
  DEBUG 765 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  DEBUG 1718 [cocoon  ] (Thread-1): Making URL from
  jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  DEBUG 1718 [cocoon  ] (Thread-1): Logicsheet
  Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  WARN 4109 [cocoon  ] (Thread-1): Could not load class for program
  'org\apache\cocoon\www\sitemap_xmap'
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
  at
  java.security.AccessController.checkPermission(AccessController.java:399)
  at
  java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
  at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
  at
  java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
  at
  java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
  at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
  at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
  at
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 4109 [cocoon  ] (Thread-1): Language Exception
  org.apache.cocoon.components.language.LanguageException: Could not load
  class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 4109 [cocoon  ] (Thread-1): ComponentFactory decommissioning
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  DEBUG 4109 [cocoon  ] (Thread-1): Can't load ServerPage
  org.apache.avalon.ComponentManagerException: Could not add component for
  class: org.apache.cocoon.www.sitemap_xmap
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:172)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 4109 [cocoon  ] (Thread-1): ComponentFactory creating new
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  DEBUG 4359 [cocoon  ] (Thread-1): Making URL from
  jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  DEBUG 4359 [cocoon  ] (Thread-1): Logicsheet
  Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
  WARN 6109 [cocoon  ] (Thread-1): Could not load class for program
  'org\apache\cocoon\www\sitemap_xmap'
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
  at
  java.security.AccessController.checkPermission(AccessController.java:399)
  at
  java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
  at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
  at
  java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
  at
  java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
  at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
  at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
  at
  org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 6109 [cocoon  ] (Thread-1): Language Exception
  org.apache.cocoon.components.language.LanguageException: Could not load
  class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  \D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
  at
  org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
  at
  org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 6109 [cocoon  ] (Thread-1): ComponentFactory decommissioning
  instance of
  org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
  ERROR 6109 [cocoon  ] (Thread-1): Error compiling sitemap
  org.apache.avalon.ComponentManagerException: Could not add component for
  class: org.apache.cocoon.www.sitemap_xmap
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
  at
  org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
  at
  org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:219)
  at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
  at java.lang.Thread.run(Thread.java:484)
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): Changing Cocoon
  context(sitemap.xmap) to prefix()
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): from
  context(file:/D:/Programs/cocoon-1.8.2/samples/) and prefix()
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): at URI
  DEBUG 6109 [cocoon  ] (ExecuteThread-11): New context is
  file:/D:/Programs/cocoon-1.8.2/samples/
  ERROR 6140 [cocoon  ] (ExecuteThread-11): Problem with servlet
  org.apache.cocoon.ProcessingException: The sitemap handler's sitemap is
  not available.
  at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:106)
  at org.apache.cocoon.Cocoon.process(Cocoon.java:218)
  at
  org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:417)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:123)
  at
  weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:761)
  at
  weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:708)
  at
  weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
  at
  weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:346)
  at
  weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:246)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:135)
  INFO 6187 [cocoon  ] (ExecuteThread-11): '' Processed by Apache
  Cocoon 2.0a4 in 5.75 seconds.
  ================================================================
  Regards,
  Georgi